Cell phones (particularly iPhones) are generally considered secure devices, but that doesn’t mean they aren’t open to hacking. And yesterday, Google Project Zero’s ethical hackers showed just how easy it can be to access your iPhone or iPad without your knowledge.
Armed only with a user’s Apple ID, a cell phone hacker is able to remotely hack an iPhone within minutes, stealing passwords, text messages and emails.
Leveraging just one vulnerability labeled CVE-2019-8641, a hacker is also able to remotely activate an Apple iPhone’s microphone and camera without any interaction from the user. In simple terms, this means an attacker could gain access to your iPhone without you clicking a malicious URL.
First things first: This vulnerability was fixed by Apple, so it’s not a danger to you any longer, unless of course you have avoided applying iOS updates on your phone.
Hack iPhone with CVE-2019-8641
CVE-2019-8641 is the name given to the remote memory corruption vulnerability Google Project Zero researcher Samuel Groß used to take over an iPhone with just an Apple ID. The issue was originally discovered and reported to Apple as part of Groß’s joint project with Natalie Silvanovich back in July, with a proof-of-concept exploit published in August.
The vulnerability was first dealt with in iOS 12.4.1 on August 26 when Apple made the vulnerable code unreachable over iMessage. It was fully fixed on October 28 last year when iOS 13.2 dropped.
Multiple other Apple vulnerabilities have been found by Google’s Project Zero over the last year. For example, in July it was revealed that a vulnerability in Apple’s iMessage could render an iPhone useless and force a factory reset.
Also in July, a vulnerability was discovered that could enable an attacker to read the files on an iPhone without having physical access to it. Many of the vulnerabilities relied on using iMessage to own the rest of the phone, Google’s Project Zero said.
While the iPhone is one of the most secure consumer devices on the market, it’s certainly not infallible. Security researcher Ian Beer drove that point home just about a year ago when he found 30 different iOS vulnerabilities while working for Project Zero, Google’s team of elite hackers tasked with finding vulnerabilities in competitors’ (and Google’s) products.
Project Zero has returned with a new report by researcher Natalie Silvanovich highlighting 10 new ways that the iPhone can be covertly compromised by hackers. Silvanovich and fellow Project Zero researcher Samuel Groß revealed the flaws some weeks ago at the Black Hat hacking and security conference in Las Vegas.
Gaining Remote Access into iPhone
“There have been rumors of remote vulnerabilities requiring no user interaction being used to attack the iPhone, but limited information is available about the technical aspects of these attacks on modern devices,” the presentation proclaimed.
The vulnerabilities found by Silvanovich and Groß run the gamut and involve services like text messaging, visual voicemail, and email. But iMessage, the default messaging app on iOS and Mac devices, suffered from the highest number of high-impact bugs.
One of the iMessage vulnerabilities allows a hacker to send a specially crafted text message to a target, tricking the iMessage server into coughing up the content of user text messages (both text and images). Under this scenario, the end target would never even see the message, or be aware that they’d been targeted. They wouldn’t even need to open the app.
Other vulnerabilities opened the door to text messages being used to plant malicious code on a user’s device without the target’s knowledge. The complexity of iMessage, and its cross dependency on numerous other services, apps, and libraries, increases the risk that these attacks will be able to bypass the broader iOS defenses, Silvanovich says.
The lion’s share of the flaws are what the Project Zero team termed remote or “zero click” vulnerabilities, given they don’t require any physical interaction from the target (like clicking on a phishing link) in order to succeed. Such flaws are highly sought after by state actors and others given the target remains utterly oblivious to the fact that any attack has even occurred.
While six of the vulnerabilities have already been patched, several of them have not, the researchers said. And there’s more yet to be revealed.
Hack iPhone by Spotting Vulnerability
The researchers say they were motivated to hunt for more zero click vulnerabilities after a WhatsApp vulnerability recently highlighted how iPhone users could have spyware installed on their phones, and calls listened in on, without any indication whatsoever the end user had been compromised.
“Overall, the number and severity of the remote vulnerabilities we found was substantial,” Project Zero researcher Natalie Silvanovich said of the findings. “Reducing the remote attack surface of the iPhone would likely improve its security.”
Just months earlier, Project Zero researchers had discovered another suite of iMessage vulnerabilities so severe they could result in a target’s iPhone being wiped completely by a remote attacker, again with zero action ever being taken by the target. Other bugs allowed for the covert siphoning of private user data from a target device.
Apple began offering six-figure rewards to hackers for discovering vulnerabilities in its products in 2016, likely due to the fact that such vulnerabilities can net millions of dollars on the gray market where they’re likely to cause significantly more harm to end users in the wild. Last week, the company announced that it will pay up to $1 million for vulnerabilities.
Last year, Beer urged Apple to donate $2.45 million to human rights group Amnesty International as payment for the laundry list of exploits he’d discovered, though Apple has yet to take him up on the proposal.
Silvanovich has made it clear that iOS security generally remains high. And while it’s impossible to be entirely secure in the face of such attacks, the best course of action is to keep your OS and apps updated. All six of the iMessage bugs Silvanovich presented last week at Def Con were patched via Apple’s recently released iOS 12.4 and macOS 10.13.6 updates.